check resource approval only if pci device differs

This commit is contained in:
Arthur Lu 2023-06-23 03:20:56 +00:00
parent 1fb934fd0f
commit 4fa5fb158f

View File

@ -694,23 +694,32 @@ app.post("/api/instance/pci/modify", async (req, res) => {
if (!auth) { return; } if (!auth) { return; }
// force all functions // force all functions
req.body.device = req.body.device.split(".")[0]; req.body.device = req.body.device.split(".")[0];
// setup request // get instance config to check if device has not changed
let deviceData = await getDeviceInfo(req.body.node, req.body.type, req.body.vmid, req.body.device); let config = (await requestPVE(`/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}/config`, "GET", req.body.cookies, null, pveAPIToken)).data.data;
let request = { let currentDeviceData = await getDeviceInfo(req.body.node, req.body.type, req.body.vmid, config[`hostpci${req.body.hostpci}`].split(",")[0]);
pci: deviceData.device_name if (!currentDeviceData) {
}; res.status(500).send({ error: `No device in hostpci${req.body.hostpci}.` });
// check resource approval
if (!await approveResources(req, req.cookies.username, request)) {
res.status(500).send({ request: request, error: `Could not fulfil request for ${deviceData.device_name}.` });
res.end(); res.end();
return; return;
} }
// check node availability // only check user and node availability if base id is different
let nodeAvailPci = await getNodeAvailDevices(req.body.node, req.cookies); if (currentDeviceData.id.split(".")[0] !== req.body.device) {
if (!nodeAvailPci.some(element => element.id.split(".")[0] === req.body.device)) { // setup request
res.status(500).send({ error: `Device ${req.body.device} is already in use on ${req.body.node}.` }); let deviceData = await getDeviceInfo(req.body.node, req.body.type, req.body.vmid, req.body.device);
res.end(); let request = { pci: deviceData.device_name };
return; // check resource approval
if (!await approveResources(req, req.cookies.username, request)) {
res.status(500).send({ request: request, error: `Could not fulfil request for ${deviceData.device_name}.` });
res.end();
return;
}
// check node availability
let nodeAvailPci = await getNodeAvailDevices(req.body.node, req.cookies);
if (!nodeAvailPci.some(element => element.id.split(".")[0] === req.body.device)) {
res.status(500).send({ error: `Device ${req.body.device} is already in use on ${req.body.node}.` });
res.end();
return;
}
} }
// setup action // setup action
let action = {}; let action = {};
@ -833,7 +842,7 @@ app.delete("/api/instance/pci/delete", async (req, res) => {
return; return;
} }
// setup action // setup action
let action = JSON.stringify({ delete: `hostpci${req.body.hostpci}`}); let action = JSON.stringify({ delete: `hostpci${req.body.hostpci}` });
// commit action, need to use root user here because proxmox api only allows root to modify hostpci for whatever reason // commit action, need to use root user here because proxmox api only allows root to modify hostpci for whatever reason
let rootauth = await requestPVE("/access/ticket", "POST", null, JSON.stringify(db.getApplicationConfig().pveroot), null); let rootauth = await requestPVE("/access/ticket", "POST", null, JSON.stringify(db.getApplicationConfig().pveroot), null);
if (!(rootauth.status === 200)) { if (!(rootauth.status === 200)) {
@ -846,7 +855,7 @@ app.delete("/api/instance/pci/delete", async (req, res) => {
CSRFPreventionToken: rootauth.data.data.CSRFPreventionToken CSRFPreventionToken: rootauth.data.data.CSRFPreventionToken
}; };
let result = await requestPVE(`${vmpath}/config`, "POST", rootcookies, action, null); let result = await requestPVE(`${vmpath}/config`, "POST", rootcookies, action, null);
await handleResponse(req.body.node, result, res); await handleResponse(req.body.node, result, res);
}); });
/** /**